/*
 * Copyright 2005 Lumis EIP Tecnologia da Informa��o
 */

package lumis.util.security.acl;

import lumis.portal.PortalException;
import lumis.portal.authentication.SessionConfig;
import lumis.portal.dao.DaoException;
import lumis.portal.manager.ManagerException;
import lumis.portal.serialization.DeserializationConfig;
import lumis.portal.serialization.operation.IConfigKeyChecker;
import lumis.util.ITransaction;

import java.io.OutputStream;

import org.w3c.dom.Node;

/**
 * Interface common to all acl managers. Specific acl manager
 * interfaces should extend this one.
 * 
 * @since 4.0.0
 * @version $Revision: 8618 $ $Date: 2007-12-18 11:34:20 -0200 (Tue, 18 Dec 2007) $
 */
public interface IAclManager extends IConfigKeyChecker
{
	public void serialize(SessionConfig sessionConfig, String securableId, OutputStream outputStream, ITransaction transaction) throws ManagerException, PortalException;
	public String deserialize(SessionConfig sessionConfig, DeserializationConfig deserializationConfig, Node accessControlListNode, boolean onlyAddSimpleAcls, ITransaction transaction) throws ManagerException, PortalException;
	
	/**
	 * Verify if the permission is valid for the sessionConfig's user.
	 * 
	 * @param sessionConfig
	 * @param channelId
	 * @param permission
	 * @param transaction
	 * @return Returns the true or false value.
	 * @throws ManagerException
	 * @throws PortalException
	 */
	public boolean checkPermission(SessionConfig sessionConfig, String itemId, IPermission permission, ITransaction transaction) throws ManagerException, PortalException;

	/**
	 * Verify if the permission if valid for the specified userId.
	 * @param sessionConfig
	 * @param userId
	 * @param itemId
	 * @param permission
	 * @param transaction
	 * @return
	 * @throws ManagerException
	 * @throws PortalException
	 */
	public boolean checkPermission(SessionConfig sessionConfig, String userId, String itemId, IPermission permission, ITransaction transaction) throws ManagerException, PortalException;

	/**
	 * Deletes an acl.
	 * <p>
	 * This method does not delete the acl's children. They must
	 * have been deleted or the foreign key constraints will not
	 * allow their parent to be deleted.
	 * @param aclId the id of the acl to be deleted from persistence.
	 * @param transaction the transaction for persistence access.
	 * @throws PortalException
	 */
	public void delete(String aclId, ITransaction transaction) throws PortalException;
	
	/**
	 * Allows removal of cached items
	 * 
	 * @param aclId
	 * @param transaction
	 * @throws DaoException
	 * @throws PortalException
	 */
	public void removeFromCache(String aclId, ITransaction transaction) throws DaoException, PortalException;

	/**
	 * Clears all ACL cache.
	 * @param transaction the transaction for persistence access. If null,
	 * the cache is just cleared, else it is cleared as a transactional
	 * operation as specified in {@link lumis.portal.cache.PortalCache#clear(ITransaction)}.
	 * @since 4.1.0
	 */
	public void clearCache(ITransaction transaction) throws PortalException;
	
	/**
	 * Delete ACL entries in all ACLs for the specified principal.
	 * 
	 * @param principalId
	 * @param transaction
	 * @throws DaoException
	 * @throws PortalException
	 */
	public void deleteAclEntryByPrincipalId(String principalId, ITransaction transaction) throws PortalException;
	public void addOrUpdate(AccessControlList acl, ITransaction transaction) throws ManagerException, PortalException;
	public void add(AccessControlList acl, ITransaction transaction) throws PortalException;
	public boolean exists(String aclId, ITransaction transaction) throws DaoException, PortalException;
}
